US9781220B2 · Active · Utility · PatentIndex 52
Identity management in a networked computing environment
Est. expiry Apr 17, 2033 (~6.8 yrs left) · nominal 20-yr term from priority
H04L 67/30 · H04L 43/16 · H04L 67/10 · H04W 4/046 · H04W 4/003 · H04L 67/22 · H04L 67/535 · H04W 4/60
PatentIndex Score: 52 · Cited by: 1 · References: 17 · Claims: 20
Abstract
An approach for user identity management in a virtualized/networked (e.g., cloud) computing environment is provided. In a typical embodiment, historical command usage within a server environment is analyzed to determine the characteristics of the commands being run against a cloud resource to determine with a confidence rating the likelihood the commands are being executed by a certain user. Such an approach allows for more efficient user identity management in order to optimize cloud security and system administration.
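A minimal sketch of the approach the abstract describes, with the allow / additional-information / terminate actions from the claims below. It is an added illustration, not code from the patent: the feature choice (command name plus option spelling), cosine similarity, both threshold values and the sample profiles are assumptions.

```python
import math
import shlex
from collections import Counter

# Assumed values: the claims name a "predefined threshold" but give no numbers.
CONFIDENCE_THRESHOLD = 0.80  # above this the session continues
MATCH_FLOOR = 0.40           # below this no known profile counts as a match

# Constructed command histories standing in for the profiles database.
PROFILES = {
    "alice": ["ls -la /var/log", "grep -rn error /var/log", "tail -f app.log", "ls -la"],
    "bob": ["ls -l -h", "grep -i --color=auto warn app.log", "ps aux", "ls -l -h /tmp"],
}

def style_features(commands):
    """Count (command name, option spelling) pairs; '-la' and '-l -a' stay distinct."""
    feats = Counter()
    for line in commands:
        try:
            tokens = shlex.split(line)
        except ValueError:  # unbalanced quotes: fall back to whitespace split
            tokens = line.split()
        if not tokens:
            continue
        feats[(tokens[0], "<cmd>")] += 1
        for tok in tokens[1:]:
            if tok.startswith("-") and tok != "-":
                feats[(tokens[0], tok.split("=", 1)[0])] += 1
    return feats

def cosine(a, b):
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm = math.sqrt(sum(v * v for v in a.values()) * sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0

def identify(commands, profiles=PROFILES):
    """Return (best matching user or None, confidence, action)."""
    style = style_features(commands)
    best_user, confidence = None, 0.0
    for user, history in profiles.items():
        score = cosine(style, style_features(history))
        if score > confidence:
            best_user, confidence = user, score
    if confidence < MATCH_FLOOR:
        return None, confidence, "terminate"      # no matching user
    if confidence > CONFIDENCE_THRESHOLD:
        return best_user, confidence, "allow"     # keep accepting commands
    return best_user, confidence, "step_up"       # require additional information
```

A session that shares command names with a profile but spells its options differently lands between the two thresholds, which is the case that triggers the request for additional information.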
Claims
exact text as granted — not AI-modified
What is claimed is:
1. A method for identifying an unknown user in a networked computing environment, the method comprising the computer-implemented steps of:
receiving, by at least one computer device over a network, a set of commands entered by the unknown user in a logged-in environment, the set of commands having a command name and a set of command options;
determining, by the at least one computer device, a user style of the unknown user based on an analysis of the set of commands, including detecting a pattern within the set of command options;
performing, by the at least one computer device, a matching operation between the user style of the unknown user and a set of profiles of known users in a profiles database, wherein each profile includes a user style associated with each respective known user; and
terminating, by the at least computer device, in response to the matching operation not providing a matching user, an access of the unknown user to the logged-in environment in the networked environment.
2. The method of claim 1, further comprising the computer-implemented step of calculating a confidence level based on the matching operation.
3. The method of claim 1, wherein the user style is based on the set of commands received and characteristics associated with the set of commands received.
4. The method of claim 1, wherein the set of profiles is based on historical data.
5. The method of claim 1, wherein the networked computing environment comprises a cloud computing environment.
6. The method of claim 2, further comprising the computer-implemented step of allowing the user to continue entering commands when the confidence level exceeds a predefined threshold.
7. The method of claim 2, further comprising the computer-implemented step of implementing at least one action, as set forth in a set of rules, to require the unknown user to provide additional information when the confidence level does not exceed a predefined threshold.
8. A system for identifying an unknown user in a networked computing environment, comprising:
a memory medium comprising instructions;
a bus coupled to the memory medium; and
a processor coupled to the bus that when executing the instructions causes the system to:
receive, over a network, a set of commands entered by the unknown user in a logged-in environment, the set of commands having a command name and a set of command options;
determine a user style of the unknown user based on an analysis of the set of commands, including detecting a pattern within the set of command options;
perform a matching operation between the user style of the unknown user and a set of profiles of known users in a profiles database, wherein each profile includes a user style associated with each respective known user; and
terminate, in response to the matching operation not providing a matching user, an access of the unknown user to the logged-in environment in the networked environment.
9. The system of claim 8, the memory medium further comprising instructions for causing the system to calculate a confidence level based on the matching operation.
10. The system of claim 8, wherein the user style is based on the set of commands received and characteristics associated with the set of commands received.
11. The system of claim 8, wherein the set of profiles is based on historical data.
12. The system of claim 8, wherein the networked computing environment comprises a cloud computing environment.
13. The system of claim 9, the memory medium further comprising instructions for causing the system to allow the user to continue entering commands when the confidence level exceeds a predefined threshold.
14. The system of claim 9, the memory medium further comprising instructions for causing the system to implement at least one action, as set forth in a set of rules, to require the unknown user to provide additional information when the confidence level does not exceed a predefined threshold.
15. A computer program product for identifying an unknown user in a networked computing environment, the computer program product comprising a computer readable storage device, and program instructions stored on the computer readable storage device, to:
receive, over a network, a set of commands entered by the unknown user in a logged-in environment, the set of commands having a command name and a set of command options;
determine a user style of the unknown user based on an analysis of the set of commands, including detecting a pattern within the set of command options;
perform a matching operation between the user style of the unknown user and a set of profiles of known users in a profiles database, wherein each profile includes a user style associated with each respective known user; and
terminate, in response to the matching operation not providing a matching user, an access of the unknown user to the logged-in environment in the networked environment.
16. The computer program product of claim 15, the computer readable storage device further comprising instructions to calculate a confidence level based on the matching operation.
17. The computer program product of claim 15, wherein the user style is based on the set of commands received and characteristics associated with the set of commands received.
18. The computer program product of claim 15, wherein the set of profiles is based on historical data.
19. The computer program product of claim 16, the computer readable storage device further comprising instructions to allow the user to continue entering commands when the confidence level exceeds a predefined threshold.
20. The computer program product of claim 16, the computer readable storage device further comprising instructions to implement at least one action, as set forth in the set of rules, to require the unknown user to provide additional information when the confidence level does not exceed a predefined threshold.
Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.